Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-jqxw-6npu-ykd1

Summary

Multiple vulnerabilities have been identified, the worst of which allow
    arbitrary code execution on a user's system via a malicious Flash file.

Aliases

alias	CVE-2008-4824

Fixed_packages

url	pkg:ebuild/www-plugins/adobe-flash@10.0.22.87
purl	pkg:ebuild/www-plugins/adobe-flash@10.0.22.87
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@10.0.22.87

Affected_packages

url pkg:rpm/redhat/flash-plugin@9.0.151.0-1?arch=el4

purl pkg:rpm/redhat/flash-plugin@9.0.151.0-1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zpq-gs32-ubg6

vulnerability	VCID-2b8m-zcvw-sfa8

vulnerability	VCID-51dm-n7tt-5qe5

vulnerability	VCID-6rcd-pqxw-dbhk

vulnerability	VCID-avg5-yvm3-5qar

vulnerability	VCID-h93k-zzy5-euhq

vulnerability	VCID-j7bq-mz97-k7e3

vulnerability	VCID-jqxw-6npu-ykd1

vulnerability	VCID-jxu2-azw2-bbfs

vulnerability	VCID-ktjz-rbrw-nyhm

vulnerability	VCID-uh21-ps74-wyaq

vulnerability	VCID-ujwj-eby4-xfg4

vulnerability	VCID-yc7j-b5gb-jqe5

vulnerability	VCID-yzky-wqbj-2bh4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@9.0.151.0-1%3Farch=el4

url pkg:rpm/redhat/flash-plugin@9.0.151.0-1.el3.with?arch=oss

purl pkg:rpm/redhat/flash-plugin@9.0.151.0-1.el3.with?arch=oss

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zpq-gs32-ubg6

vulnerability	VCID-2b8m-zcvw-sfa8

vulnerability	VCID-51dm-n7tt-5qe5

vulnerability	VCID-6rcd-pqxw-dbhk

vulnerability	VCID-avg5-yvm3-5qar

vulnerability	VCID-h93k-zzy5-euhq

vulnerability	VCID-j7bq-mz97-k7e3

vulnerability	VCID-jqxw-6npu-ykd1

vulnerability	VCID-jxu2-azw2-bbfs

vulnerability	VCID-ktjz-rbrw-nyhm

vulnerability	VCID-uh21-ps74-wyaq

vulnerability	VCID-ujwj-eby4-xfg4

vulnerability	VCID-yc7j-b5gb-jqe5

vulnerability	VCID-yzky-wqbj-2bh4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@9.0.151.0-1.el3.with%3Farch=oss

url pkg:rpm/redhat/flash-plugin@10.0.12.36-2?arch=el5

purl pkg:rpm/redhat/flash-plugin@10.0.12.36-2?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zpq-gs32-ubg6

vulnerability	VCID-2b8m-zcvw-sfa8

vulnerability	VCID-51dm-n7tt-5qe5

vulnerability	VCID-6rcd-pqxw-dbhk

vulnerability	VCID-avg5-yvm3-5qar

vulnerability	VCID-h93k-zzy5-euhq

vulnerability	VCID-j7bq-mz97-k7e3

vulnerability	VCID-jqxw-6npu-ykd1

vulnerability	VCID-jxu2-azw2-bbfs

vulnerability	VCID-ktjz-rbrw-nyhm

vulnerability	VCID-uh21-ps74-wyaq

vulnerability	VCID-ujwj-eby4-xfg4

vulnerability	VCID-yc7j-b5gb-jqe5

vulnerability	VCID-yzky-wqbj-2bh4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@10.0.12.36-2%3Farch=el5

References

reference_url	http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

reference_url	http://osvdb.org/49958
reference_id
reference_type
scores
url	http://osvdb.org/49958

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4824.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4824.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-4824

reference_id

reference_type

scores

value	0.49036
scoring_system	epss
scoring_elements	0.9778
published_at	2026-04-21T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97749
published_at	2026-04-01T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97755
published_at	2026-04-02T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97756
published_at	2026-04-04T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97758
published_at	2026-04-07T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97763
published_at	2026-04-08T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97767
published_at	2026-04-09T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.9777
published_at	2026-04-11T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97772
published_at	2026-04-12T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97773
published_at	2026-04-13T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97779
published_at	2026-04-16T12:55:00Z

value	0.49036
scoring_system	epss
scoring_elements	0.97781
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-4824

reference_url	http://secunia.com/advisories/32702
reference_id
reference_type
scores
url	http://secunia.com/advisories/32702

reference_url	http://secunia.com/advisories/32772
reference_id
reference_type
scores
url	http://secunia.com/advisories/32772

reference_url	http://secunia.com/advisories/33179
reference_id
reference_type
scores
url	http://secunia.com/advisories/33179

reference_url	http://secunia.com/advisories/33390
reference_id
reference_type
scores
url	http://secunia.com/advisories/33390

reference_url	http://secunia.com/advisories/34226
reference_id
reference_type
scores
url	http://secunia.com/advisories/34226

reference_url	http://security.gentoo.org/glsa/glsa-200903-23.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200903-23.xml

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1

reference_url	http://support.apple.com/kb/HT3338
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3338

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

reference_url	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
reference_id
reference_type
scores
url	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

reference_url	http://www.adobe.com/support/security/bulletins/apsb08-22.html
reference_id
reference_type
scores
url	http://www.adobe.com/support/security/bulletins/apsb08-22.html

reference_url	http://www.isecpartners.com/advisories/2008-01-flash.txt
reference_id
reference_type
scores
url	http://www.isecpartners.com/advisories/2008-01-flash.txt

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0980.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0980.html

reference_url	http://www.securityfocus.com/archive/1/498561/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498561/100/0/threaded

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-350A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-350A.html

reference_url	http://www.vupen.com/english/advisories/2008/3189
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/3189

reference_url	http://www.vupen.com/english/advisories/2008/3444
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/3444

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1618335
reference_id	1618335
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1618335

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:flash_player::::::::
reference_id	cpe:2.3:a:adobe:flash_player::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:flash_player::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-4824

reference_id

CVE-2008-4824

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-4824

reference_url	https://security.gentoo.org/glsa/200903-23
reference_id	GLSA-200903-23
reference_type
scores
url	https://security.gentoo.org/glsa/200903-23

reference_url	https://access.redhat.com/errata/RHSA-2008:0945
reference_id	RHSA-2008:0945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0945

reference_url	https://access.redhat.com/errata/RHSA-2008:0980
reference_id	RHSA-2008:0980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0980

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 9.3 - 9.3

Exploitability 0.5

Weighted_severity 8.4

Risk_score 4.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqxw-6npu-ykd1

Vulnerability Instance